04b10186e43bda4b69e4c82df951a4ed | Triage

Sharing

General

Target

04b10186e43bda4b69e4c82df951a4ed
Size

61KB
MD5

04b10186e43bda4b69e4c82df951a4ed
SHA1

083d5eb3c94646a5a0411c1d1325a03e9fe3e498
SHA256

cb7a5823ab1a670d9b4c1c96be1694a091f60da6749f5d44945d00460d29b8ac
SHA512

0ab2c6599bbe80f21791a8d575e26d565b0000b78775f3900e9f5bc2a575b5e812a5d8b14273076b43901446186692a5d48b9e171cd621df5a78fef34ac5ed81
SSDEEP

1536:Y/vJe2lP4nh9Ok+vDwHF9J5UB+eA8oxIf3sz:YHM2lQ9Ll9JuB+Z5xHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b10186e43bda4b69e4c82df951a4ed

Files

04b10186e43bda4b69e4c82df951a4ed
.exe windows:4 windows x86 arch:x86

431a1dcc9a894e4acd5377ebe894b231

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
ExitProcess
ExitThread
GetModuleHandleA
VirtualFree
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__p__commode
__set_app_type
fprintf
sscanf
strpbrk
wcscat
__getmainargs

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ